Connecting flash to an pub/sub or amqp server?

We have a flash application that only communicates with a php backend, which again communicates with mysql and redis. We have few asynchronous tasks, the resul开发者_如何转开发ts are delivered to the flash client by polling. Thinking and researching about it brought me to look at pub/sub and amqp. So the thought is to directly connect flash to an pub/sub or message queue server. I don't have practical experience with this related tools. Most important to me is to know if it's possible at all to have such an setup, which is secure.

What is secure?

• the server will only receive public data (no problem if it leaks to other users)
• the server is rather mature and it's possible to restrict the public usage (no writes etc)
• the server will be hosted on an dedicated machine (if necessary)

Redis has pub/sub, but i don't think redis is suited for that.

RabbitMQ has a feature to restrict an exchange to an specific user. But i'm not sure how to do the authentication or how it is possible to bind it to an existing session? I also wonder about how good RabbitMQ scales with lots of short lived channels.

Any advice is greatly apreciated!

If by secure, you mean can you use it across the Internet, then AMQP might not be the best choice unless you run your MQ broker as an SSL server. More info about RabbitMQ and SSL is here. I highly recommend the RabbitMQ site for information about all aspects of AMQP.

If that is too much for you, then perhaps a simpler protocol like 0MQ pub/sub would be better. They have no security layer but you could encrypt the messages at the application level. There is a FAQ at the 0MQ website that covers security.

Both of the above solutions are real message queuing solutions, unlike Redis. Any database that has a network interface (including SQL Server) can be used to hack together a crude message queue system. The first one I did was in 1997 but I don't recommend that anymore now that 0MQ and RabbitMQ are available freely.

If you use AMQP, then you have to rely on the MQ broker's security to prevent man-in-the middle attacks, since all messages pass through the broker. But if you use 0MQ, then you would be responsible for making your own apps secure. At the least this would require encrypted messages that include a token to be used in any reply messages, and if the reply token is not correct, you would ignore the message.

You could use BlazeDS Messaging for this if you don't mind going the java way http://opensource.adobe.com/wiki/display/blazeds/BlazeDS

Since you already have a php backend, check this out for some php possibilities.

Here is another nice article about this matter: http://www.infoq.com/articles/blazedsjms1

Cheers